It happens from time to time that I get a call about a computer that won’t start because of the file windows/system32/config/system is missing or corrupt. Although there are not just a few clicks of the mouse I rattle off the top of my head and BAMB your system is working again but, it is not a big deal.

I come on site (prepared with Windows XP disk), I boot to the recovery console, I copy the missing file from the repair folder, and I never have to remember the exact steps as I bring my laptop do a quick Google search and in a few clicks I have a page detailing the process.

Yesterday however I did the above on a client machine and when I rebooted I had the lsass.exe error saying the system password didn’t match (I honestly can’t remember the exact message). Ut oh! First, I thought well let me copy all four system files instead of just the missing one. So I do – sam, system, software, security. Reboot – same error.

Google made the solution easy, but since so many results were pages detailing the above procedure it took a little longer to find the page with a better answer.

http://www.geekstogo.com/forum/lsass-exe-error-startup-t12548.html&st=60

I had already been booting the computer with a Knoppix CD because the recovery console wouldn’t let me in due to the lsass password problem. So instead of following the instructions on geekstogo.com (my kinda site, i know) I booted with the Knoppix CD, mounted the drive and made it editable (right clicking the HDA on the desktop) and then did the following:

  1. Backup the windows/system32/config folder just in case things go wrong
  2. Remove the following files from the config folder sam, system, software, security
  3. copy from a restore point found in System Volume Information/restore/rpxxx (I picked the most recent) these four files
    1. _REGISTRY_MACHINE_SOFTWARE
    2. _REGISTRY_MACHINE_SAM
    3. _REGISTRY_MACHINE_SECURITY
    4. _REGISTRY_MACHINE_SYSTEM
  4. Then renamed each software, sam, security, system.
  5. I rebooted and prayed – a very technical part of the procedure.

I was back up and running although McAfee was giving errors so I had to reinstall. I wonder if this was the cause?

Anyway, the important thing is that I won again! Brian Haines 2,346,754. Computers 568. I am still ahead.

Facebooktwitterredditpinterestlinkedinmailby feather